nginx redirection to index page - nginx

I am struggling to implement an automatic nginx redirect from non index pages to my index page, with the exception of /admin
For instance, example.com/test should redirect to example.com, but example.com/admin should not redirect to example.com
This is my current nginx configuration file:
upstream app_server {
server unix:/tmp/mysite.sock;
}
proxy_cache_path /var/www/example.com/cache levels=1:2 keys_zone=my_cache:10m max_size=10g inactive=60m use_temp_path=off;
server {
listen 80;
server_name www.example.com example.com;
# redirects both www and non-www to https
return 301 https://www.example.com$request_uri;
}
server {
listen 443;
server_name example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name www.example.com;
ssl_certificate /etc/letsencrypt/live/www.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.example.com/privkey.pem;
charset utf-8;
client_max_body_size 75M;
location /media {
alias /var/www/example.com/media;
}
location /static {
alias /var/www/example.com/static;
}
location / {
proxy_cache my_cache;
include proxy_params;
proxy_pass http://app_server;
proxy_ssl_server_name on;
}
}
I have tried adding a try_files statetement within my location / block, and other things, but none seem to work. Am I missing something?

You are trying to mix proxy_pass with try_files, it won't work within the same location block. You can use named location instead and rewrite any URI that doesn't start with /admin to a root one using negative regex assertion:
location / {
try_files $uri #app;
}
location #app {
rewrite ^(?!/admin) / break;
proxy_cache my_cache;
include proxy_params;
proxy_pass http://app_server;
}
You don't need the separate location /media { ... } or location /static { ... } blocks, because as nginx documentation states:
When location matches the last part of the directive’s value:
location /images/ {
alias /data/w3/images/;
}
it is better to use the root directive instead:
location /images/ {
root /data/w3;
}
Instead you just need to define the common server root (outside of any location blocks):
root /var/www/example.com;
You are also don't need to use the proxy_ssl_server_name directive since you are not proxying your request to the upstream with HTTPS protocol.

Related

Nginx: How to redirect each http:port requests to HTTPS:port in the below config?

Here is my nginx.conf, works fine for https.
If someone types HTTP://dev.local.org:3002, how do I redirect to HTTPS://dev.local.org:3002 ?
This nginx is inside a docker-compose container.
worker_processes 1;
events {
worker_connections 1024;
}
#set $my_server_name _ #TODO global variable does not work?
http {
#DOCKER DNS - using this to resolve docker-compose hosts like 'appsearch', 'kibana' etc
resolver 127.0.0.11 ipv6=off;
#include mime.types;
default_type application/octet-stream;
#TO read external configuration
include sites-enabled/*.conf;
server { #DEFAULT SERVER
listen 443 ssl; # Security change
server_name _;
include common.conf;
include /etc/nginx/ssl.conf;
location / {
root html;
index index.html index.htm;
include common_location.conf;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# location /appsearch { #TODO this /appsearch did not forward. find how to do it.
# rewrite ^/appsearch(.*) /$1 break;
# resolver 127.0.0.11 valid=30s ;
# set $backend http://appsearch:3002;
# proxy_pass $backend; # Use variable To avoid upstream host not found error.
# }
}#server80
server {
listen 9200 ssl;
server_name _;
include common.conf;
include /etc/nginx/ssl.conf;
location / {
set $backend http://elasticsearch:9200;
proxy_pass $backend; # Use variable To avoid upstream host not found error.
include common_location.conf;
}
}#server
server {
listen 3002 ssl;
#server_name dev.local.org; #TODO yuck, bad to add server name!
server_name _;
include common.conf;
include /etc/nginx/ssl.conf;
location / {
set $backend http://appsearch:3002;
proxy_pass $backend; # Use variable To avoid upstream host not found error.
include common_location.conf;
}
}#server
server {
listen 5601;
server_name _;
include common.conf;
include /etc/nginx/ssl.conf;
location / {
set $backend http://kibana:5601;
proxy_pass $backend; # Use variable To avoid upstream host not found error.
include common_location.conf;
}
}#server
}
Use the 497 HTTP error to redirect: (source: https://meabed.com/http-497-status-code/)
In your conf you would add something like this:
listen 1234 ssl;
server_name your.site.tld;
ssl on;
error_page 497 https://$host:1234$request_uri;
}```

Nginx serving server and static build

I have one next.js server that is running on port 3000 and I have static build (created with create-react-app), that should be admin panel. So it looks like this
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/city-am-club/admin/build/;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location /admin/ {
root /usr/share/nginx/myproject/admin/build;
index index.html index.htm;
try_files $uri /index.html;
default_type "text/html";
}
location / {
rewrite /(.*) /$1 break;
proxy_pass http://127.0.0.1:3000;
}
}
I understand that location should be like this with admni panel, cause location is path after root path.
location / {
root /usr/share/nginx/myproject/admin/build;
index index.html index.htm;
try_files $uri /index.html;
default_type "text/html";
}
Any way, I don't really know how to configure this correct. Right now I cannot get my built files, i tried a lot of different variations of this config. ATM I have a behavior when all my routes location /, even when I try to react /admin it shows me 404 page (custom page of locations / server template).
Try this for your NGINX config.
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/city-am-club/admin/build/;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
rewrite /(.*) /$1 break;
proxy_pass http://127.0.0.1:3000;
location /admin/ {
alias /usr/share/nginx/myproject/admin/build;
index index.html index.htm;
try_files $uri /index.html;
default_type "text/html";
}
}
If the admin path is not /usr/share/nginx/myproject/admin/build then change the alias section.

nginx root directive causing 404

I ham trying to make http://example.com serve http://example.com/home.html from /home/ubuntu/mysitedir/home.html.
I have the following conf file which successfully redirects everything to https, and proxies to uwsgi. The http->https redirection works fine, and the uwsgi proxy works, but http(s)://example.com/, http(s)://example.com/home.html, http(s)://example.com/index.html, and http(s)://example.com/index.htm are all 404
Any pointers as to what I can try?
Here is my conf file:
server {
listen 80;
server_name example.com;
return 301 https://$server_name$request_uri;
root /home/ubuntu/mysitedir/;
index home.html;
}
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/nginx/ssl/example_combined.crt;
ssl_certificate_key /etc/nginx/ssl/www.example.com.key;
root /home/ubuntu/mysitedir/;
index home.html;
location /images/ads {
alias /home/ubuntu/mysitedir/images/ads/;
}
location /images {
alias /home/ubuntu/mysitedir/images/;
}
location /static {
alias /home/ubuntu/mysitedir/static/;
}
location / {
alias /home/ubuntu/mysitedir/;
include uwsgi_params;
uwsgi_pass unix:/tmp/mysitedir.sock;
}
}
Thanks.
location / is the catch-all. You could try the try_files directive like this:
location #wsgisite {
include uwsgi_params;
uwsgi_pass unix:/tmp/mysitedir.sock;
}
location / {
index home.html;
try_files $uri $uri/ #wsgisite;
}
Any thing coming into the base location will first check to see if it is a file, or a directory with an index (home.html) file in it, and if not, then pass it on to the #wsgisite.
This should also make the other three location directives obselete, since nginx will be checking for the files first before passing it to the wsgi block.

nginx: trying to enable https results in 'This webpage has a redirect loop'

In my nginx configuration, if I have the following setup, whenever i go to the site i get 'This webpage has a redirect loop'
server {
listen 80;
merge_slashes off;
server_name domain.com www.domain.com
rewrite ^(.*) https://$host$1 permanent;
}
server {
listen 443;
merge_slashes off;
server_name domain.com www.domain.com;
location / { try_files $uri #app; }
location #app {
include uwsgi_params;
uwsgi_pass 0.0.0.0:5002;
}
}
Try to add:
ssl on;
ssl_certificate /xxx/bundle.pem;
ssl_certificate_key /xxx/server.key;

Nginx subdomain configuration

I have nginx acting as a reverse proxy to apache. I now need to add a new subdomain
that will serve files from another directory, but at the same time I want all location and proxy_pass directives that I have for the default host to apply to the subdomain also.
I know that if I copy the rules from the default host to the new subdomain it will work, but is there a way for the subdomain to inherit the rules?
Below is a sample configuration
server {
listen 80;
server_name www.somesite.com;
access_log logs/access.log;
error_log logs/error.log error;
location /mvc {
proxy_pass http://localhost:8080/mvc;
}
location /assets {
alias /var/www/html/assets;
expires max;
}
... a lot more locations
}
server {
listen 80;
server_name subdomain.somesite.com;
location / {
root /var/www/some_dir;
index index.html index.htm;
}
}
Thanks
You could move the common parts to another configuration file and include from both server contexts. This should work:
server {
listen 80;
server_name server1.example;
...
include /etc/nginx/include.d/your-common-stuff.conf;
}
server {
listen 80;
server_name another-one.example;
...
include /etc/nginx/include.d/your-common-stuff.conf;
}
Edit: Here's an example that's actually copied from my running server. I configure my basic server settings in /etc/nginx/sites-enabled (normal stuff for nginx on Ubuntu/Debian). For example, my main server bunkus.org's configuration file is /etc/nginx/sites-enabled and it looks like this:
server {
listen 80 default_server;
listen [2a01:4f8:120:3105::101:1]:80 default_server;
include /etc/nginx/include.d/all-common;
include /etc/nginx/include.d/bunkus.org-common;
include /etc/nginx/include.d/bunkus.org-80;
}
server {
listen 443 default_server;
listen [2a01:4f8:120:3105::101:1]:443 default_server;
include /etc/nginx/include.d/all-common;
include /etc/nginx/include.d/ssl-common;
include /etc/nginx/include.d/bunkus.org-common;
include /etc/nginx/include.d/bunkus.org-443;
}
As an example here's the /etc/nginx/include.d/all-common file that's included from both server contexts:
index index.html index.htm index.php .dirindex.php;
try_files $uri $uri/ =404;
location ~ /\.ht {
deny all;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location ~ /(README|ChangeLog)$ {
types { }
default_type text/plain;
}

Resources